Commit Graph

2954 Commits

Author SHA1 Message Date
Hauke Mehrtens
2f3d7abccd kernel: Update kernel 4.14 to version 4.14.193
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-08-10 19:34:37 +02:00
Hauke Mehrtens
fdac05b741 kernel: Update kernel 4.19 to version 4.19.138
Compile and run tested on lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-08-10 19:34:37 +02:00
Adrian Schmutzler
fbd4214bb0 build: improve message for incompatible image on "legacy" devices
It has been reported that the current message displayed during
upgrade with compat_version change is misleading for "legacy"
devices, i.e. those without the "new" fwtool. This is partially
caused by the fact that we need to exploit the supported_devices
string to get some message text displayed for these devices.

This patch modifies the message to make it more helpful and
include additional information, e.g.

  Device linksys,wrt3200acm not supported by this image
  Supported devices: linksys,wrt3200acm linksys-whateverelse - Image
  version mismatch: image 1.1, device 1.0. Please wipe config during
  upgrade (force required) or reinstall. Reason: Config cannot be
  migrated from swconfig to DSA

Note that the line breaks (except the one before Supported devices)
are added manually here, I hesitate to hack \n into the
supported_devices as well. The "Reason:" will only be displayed if
DEVICE_COMPAT_MESSAGE is set for the device, otherwise
"Please check documentation ..." will be shown instead.

While at it, also rearrange the code in image-commands.mk to
make lines shorter and remove the double filter-out command.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-08 16:13:51 +02:00
Petr Štetiar
c487cf8e94 hostapd: add wpad-basic-wolfssl variant
Add package which provides size optimized wpad with support for just
WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
[adapt to recent changes, add dependency for WPA_WOLFSSL config]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-07 12:02:19 +02:00
Felix Fietkau
6c29604438 build: set up host command for egrep
It is used for the kernel build and uses GNU specific features

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-08-06 13:17:13 +02:00
Adrian Schmutzler
1d9542c50e build: image: return sizes if check-size fails
Instead of just printing a warning that an image is too big, also
print both actual size and limit in the string:

WARNING: Image file somename.bin is too big: 2096101 > 1048576

Since the kernel size is checked via the same function (if
KERNEL_SIZE is specified), this will also apply to the kernel
image size check.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-03 10:40:32 +02:00
Adrian Schmutzler
93d37fad86 build: image: drop unused check-kernel-size recipe
The recipe check-kernel-size is not used in the entire tree. Instead,
we already check the size of the kernel image in Device/Build/kernel
in image.mk via check-size function if KERNEL_SIZE is defined.

Therefore, drop the function. Using it would be redundant anyway.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-02 15:54:43 +02:00
Adrian Schmutzler
02d6ac1060 base-files: fwtool: make compat_version backward compatible
So far, the compatibility mechanism only works if both device and
image are already updated to the new routines. This patch extends
the sysupgrade metadata and fwtool_check_image() to account for
"older" images as well:

The basic mechanism for older devices to check for image compatibility
is the supported_devices entry. This can be exploited by putting
a custom message into this variable of the metadata, so older FW
will produce a mismatch and print the message as it thinks it's the
list of supported devices. So, we have two cases:

device 1.0, image 1.0:
  The metadata will just contain supported_devices as before.

device 1.0, image 1.1:
  The metadata will contain:

  "new_supported_devices":["device_string1", "device_string2", ...],
  "supported_devices":["Image version 1.1 incompatible to device: ..."]

  If the device is "legacy", i.e. does not have the updated fwtool.sh,
  it will just fail with image check and print the content of
  supported_devices. If DEVICE_COMPAT_MESSAGE is set, this will be
  printed on old devices as well through the same mechanism. Otherwise
  a generic "Please check documentation ..." is appended.

  Upgrade can still be performed with -F like when
  SUPPORTED_DEVICES has been removed to prevent bricking.

  If the device has updated fwtool.sh (but is 1.0), it will just use
  the new_supported_devices instead, and work as intended (flashing
  with -n will work, flashing without will print the appropriate
  warning).

This mechanism should provide a fair tradeoff between simplicity
and functionality.

Since we touched a lot of fields in metadata, this also bumps
metadata_version to 1.1.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Adrian Schmutzler
6867d86e08 build: add DEVICE_COMPAT_VERSION and DEVICE_COMPAT_MESSAGE
We regularly encounter the situation that devices are subject to
changes that will make them incompatible to previous versions.
Removing SUPPORTED_DEVICES will not really be helpful in most of these
cases, as this only helps after a rename.

To solve this situation, this patchset introduces a compatibility
version for devices. It will be implemented via a per-device
Make variable DEVICE_COMPAT_VERSION, which will be set to 1.0
globally by default and then can be overwritten as needed.

Furthermore, a variable DEVICE_COMPAT_MESSAGE is added, where
a message to be displayed during sysupgrade may be specified
optionally.

This patch only implements the build variables and adds them
to the sysupgrade metadata, the evaluation will be addressed
in a subsequent patch.

To set it, one would just need to add the following to a device node:

define Device/somedevice
  ...
  DEVICE_COMPAT_VERSION := 1.1
  DEVICE_COMPAT_MESSAGE := Config cannot be migrated from swconfig to DSA
endef

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-31 11:40:15 +02:00
Adrian Schmutzler
1d5260cf72 build: add option to mark devices as BROKEN
By specifying "BROKEN := 1" or "BROKEN := y" for a device, it will be
hidden (and deselected) by default. By that, it provides a stronger
option to "disable" a device beyond just using DEFAULT := n.

To make these devices visible, just enable the BROKEN option in
developer settings as already implemented for targets and packages.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-30 21:49:07 +02:00
John Audia
b6443367d8 kernel: bump 5.4 to 5.4.52
update_kernel.sh refreshed all patches, no human interaction was needed

Build system: x86_64
Run-tested: Netgear R7800 (ipq806x)

Signed-off-by: John Audia <graysky@archlinux.us>
2020-07-17 11:00:33 +02:00
Roman Yeryomin
2ca084ccaa build: improve ccache support
Set CCACHE_DIR to $(TOPDIR)/.ccache and CCACHE_BASEDIR to $(TOPDIR).
This allows to do clean and dirclean. Cache hit rate for test build
after dirclean is ~65%.
If CCACHE is enabled stats are printed out at the end of building process.
CCACHE_DIR config variable allows to override default, which could be useful
when sharing cache with many builds.
cacheclean make target allows to clean the cache.

Changes from v1:
- remove ccache directory using CCACHE_DIR variable
- remove ccache leftovers from sdk and toolchain make files
- introduce CONFIG_CCACHE_DIR variable
- introduce cacheclean make target

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2020-07-11 15:19:53 +02:00
Eneas U de Queiroz
11192484fa build: reduce number of files passed to ipk-remove
Instead of using xargs to pass a huge number of files to
script/ipkg-remove, which will usually pick only one, use a more
restrictive wildcard so that, currently, at the most 325 files are
examined, instead of up to over 2,300.  The 325-file package is python,
which is picking up python3* ipks.  It is about to be removed.
Runner-up is ddns-scripts with 7 files.

This makes a second run of make package/luci/compile go from
real 16.40s; user 17.42s; sys 2.73s
to
real 10.71s; user 9.51s; sys 1.27s

There is a caveat though: if one were to remove the ABI_VERSION of a
package that ends in a digit [0-9], then the old package ipk will not be
removed from the bin directory by make package/abc2/clean.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-07-11 13:33:28 +02:00
Eneas U de Queiroz
78d1f3ac61 build: call ipkg-remove using xargs if #args>=512
The wildcard call to clean up luci package (luci*) can pick up over
2,300 files when the full tree is built. Running make package/luci/clean
or a second run of make package/luci/compile would fail with an
'Argument list too long' error.

To avoid that, a maybe_use_xargs function was created that runs the
command straight as usual if the number of arguments is < 512, or saves
the list in a temporary file and feeds it to xargs otherwise.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-07-11 13:33:28 +02:00
Eneas U de Queiroz
40acc13ca7 build: package-ipkg: avoid calling wildcard twice
Instead of calling $(wildcard) to check if the removal list is empty,
then calling it again to actually remove the files, define a function so
that the arguments are expanded only once when it gets called.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-07-11 13:33:28 +02:00
John Audia
039fd27173 kernel: bump 5.4 to 5.4.51
update via update_kernel.sh -v -u 5.4

Removed upstreamed patches:
 350-MIPS-Add-missing-EHB-in-mtc0-mfc0-sequence-for-DSPen.patch

Script refreshed patches:
 902-debloat_proc.patch
 904-debloat_dma_buf.patch

Attempted merge conflict in following patches:
 0024-MIPS-lantiq-revert-DSA-switch-driver-PMU-clock-chang.patch

Build system: x86_64
Build tested: ipq806x (Netgear R7800)

Signed-off-by: John Audia <graysky@archlinux.us>
[fixed sha256sum of the tarball]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-07-11 13:33:28 +02:00
Rosen Penev
691bf54369 target.mk: change i386 CPU type to pentium-mmx
f4f8f4a180 broke ffmpeg compilation with x86

The reason is that ffmpeg's x86 assembly requires at least MMX, which the
pentium CPU_TYPE was preventing.

Fixes ffmpeg compilation on x86_legacy and x86_geode.

Ref: https://github.com/openwrt/openwrt/pull/3061
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-07-08 22:54:34 +02:00
Sergio E. Nemirowski
645b1ec3e2 build: add 'make kernel_xconfig' command
This adds the kernel_xconfig make target.

Signed-off-by: Sergio E. Nemirowski <sergio@outerface.net>
2020-07-08 16:07:05 +02:00
Sergio E. Nemirowski
8fb0b15efd build: add nconfig
Add support for make target nconfig (ncurses)

Reviewed-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Sergio E. Nemirowski <sergio@outerface.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-07-07 19:47:24 +02:00
David Bauer
cf6f01c0e6 build: conditionally enable testing-kernel feature
Only enable the testing-kernel feature for the target when the testing
kernel version does not match the stable kernel version.

This way, the option for building the testing kernel in the build config
menu is only exposed when there's a testing kernel available.

Signed-off-by: David Bauer <mail@david-bauer.net>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-07-07 10:32:09 +02:00
Hauke Mehrtens
68d9cb8214 kernel: Update kernel 5.4 to version 5.4.50
Run tested: ath79, ipq40xx
Build tested: ath79, ipq40xx

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-04 21:12:42 +02:00
Hauke Mehrtens
6062d85892 kernel: Update kernel 4.19 to version 4.19.131
Fixes:
- CVE-2020-10757

The "mtd: rawnand: Pass a nand_chip object to nand_release()" commit was
backported which needed some adaptations to other code.

Run tested: ath79
Build tested: ath79

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-04 21:12:42 +02:00
Hauke Mehrtens
ce958dd88a kernel: Update kernel 4.14 to version 4.14.187
Fixes:
- CVE-2020-10757

The "mtd: rawnand: Pass a nand_chip object to nand_release()" commit was
backported which needed some adaptations to other code.

Build tested: ramips

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-07-04 21:12:42 +02:00
Paul Spooren
263f7e5bbd build: store default/device packages in JSON
With this commit the `profiles.json` contain both the target specific
`default_packages` as well as the device specific `device_packages` as a
array of strings.

This information is required for downstream projects like the various
web-based interactive firmware generators.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-06-30 23:21:10 +01:00
Petr Štetiar
e44e60b290 kernel: bump 5.4 to 5.4.48
Resolved merge conflict in the following patches:

 layerscape: 701-net-0213-dpaa2-eth-Add-CEETM-qdisc-support.patch
 ramips: 0013-owrt-hack-fix-mt7688-cache-issue.patch

Refreshed patches, removed upstreamed patch:

 bcm63xx: 020-v5.8-mtd-rawnand-brcmnand-fix-hamming-oob-layout.patch

Run tested: qemu-x86-64
Build tested: x86/64

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-06-22 12:51:22 +02:00
Ian Cooper
b933f9cf0c toolchain: remove gcc libssp and use libc variant
Removes the standalone implementation of stack smashing protection
in gcc's libssp in favour of the native implementation available
in glibc and uclibc. Musl libc already uses its native ssp, so this
patch does not affect musl-based toolchains.

Stack smashing protection configuration options are now uniform
across all supported libc variants.

This also makes kernel-level stack smashing protection available
for x86_64 and i386 builds using non-musl libc.

Signed-off-by: Ian Cooper <iancooper@hotmail.com>
2020-06-17 23:57:07 +02:00
Petr Štetiar
90f930e0c2 kernel: bump 5.4 to 5.4.46
Refreshed patches.

Run tested: qemu-x86-64, wrt3200acm
Build tested: x86/64, imx6, mvebu/cortexa9, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-06-16 23:36:26 +02:00
Petr Štetiar
e5aa498acb kernel: bump 5.4 to 5.4.45
Fixes CVE-2020-10757 via upstream commit df4988aa1c96 ("mm: Fix mremap
not considering huge pmd devmap").

Resolved merge conflict in the following patches:

 bcm27xx: 950-0128-gpiolib-Don-t-prevent-IRQ-usage-of-output-GPIOs.patch

Refreshed patches, removed upstreamed patch:

 generic: 751-v5.8-net-dsa-mt7530-set-CPU-port-to-fallback-mode.patch
 generic: 754-v5.7-net-dsa-mt7530-fix-roaming-from-DSA-user-ports.patch

Run tested: qemu-x86-64
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-06-09 16:59:33 +02:00
Paul Spooren
4a1a58a3e2 build, imagebuilder: Do not require libncurses-dev
The buildroot and SDK both require `libncurses-dev` to be installed on
the system, however the ImageBuilder uses precompiled binaries.

This patch changes the prerequirements checks to skip the
`libncurses-dev` part if running as ImageBuilder.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-06-03 16:49:28 +02:00
Rosen Penev
dc467eac38 prereq-build: test for perl's Data::Dumper
Required for installation of autoconf:

make[5]: Entering directory `/openwrt/build_dir/host/autoconf-2.69'
Making all in bin
make[6]: Entering directory `/openwrt/build_dir/host/autoconf-2.69/bin'
autom4te_perllibdir='..'/lib AUTOM4TE_CFG='../lib/autom4te.cfg'
../bin/autom4te -B '..'/lib -B '..'/lib         --language M4sh --cache
 '' --melt ./autoconf.as -o autoconf.in

Can't locate Data/Dumper.pm in @INC (@INC contains: ../lib
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl
/usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at
../lib/Autom4te/C4che.pm line 33.
BEGIN failed--compilation aborted at ../lib/Autom4te/C4che.pm line 33.
Compilation failed in require at ../bin/autom4te line 40.
BEGIN failed--compilation aborted at ../bin/autom4te line 40.
make[6]: *** [autoconf.in] Error 2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-06-03 16:49:28 +02:00
Adrian Schmutzler
057e5f6ede treewide: provide consistent basic DEVICE_TYPE
While the effective "default" based on frequent use is "router", the
DEVICE_TYPE variable actually provides a "basic" configuration without
selecting any additional packages.

This is currently set up with the identifier "bootloader", which seems
to be not used at all. However, the only targets not using "router" or
"nas" are actually archs38 and arc770, which use their own value
"developerboard" for DEVICE_TYPE which seems to have been invented when
these targets where added. The latter is not implemented in target.mk,
though, and will fall back to the "basic" set of packages then.

So, to clean this up and make it more readable, let's just define a
DEVICE_TYPE "basic" and use it for the aforementioned cases.

Cc: Christian Lamparter <chunkeey@gmail.com>
Cc: Sungbo Eo <mans0n@gorani.run>
Cc: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-06-03 15:41:09 +02:00
Petr Štetiar
392c64d8fd kernel: bump 5.4 to 5.4.43
Refreshed patches, removed upstreamed patch:

 bcm27xx: 950-0642-component-Silence-bind-error-on-EPROBE_DEFER.patch

Run tested: qemu-x86-64
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-06-02 17:46:51 +02:00
Matthias Schiffer
4bd7990488
build: compress kernel debuginfo using zstd
zstd with its default settings (compression level -3) compresses better
than bzip2 -9 (which is the default setting), and is an order of magnitude
faster.

I made the following measurements for the most common compression tools
(all standard Debian Buster versions, default flags unless noted
otherwise), using the debug information of a large x86-64 kernel with
ALL_KMODS:

* kernel-debug.tar: 376M
* kernel-debug.tar.gz: 101M, compressed in ~12s
* kernel-debug.tar.bz2: 91M, compressed in ~15s
* kernel-debug.tar.xz: 57M, compressed in ~101s
* kernel-debug.tar.zst: 86M, compressed in ~1s

With zstd, there is still some room for improvement by increasing the
compression, but the slight increase in compression ratio
(22.83% -> 19.46%) does not justify the significant increase in
compression time (about 5 times on my machine) in my opinion.

Note that multithreaded compression (-T argument) does not affect
reproducibility with zstd.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-05-31 11:03:31 +02:00
Matthias Schiffer
4696112ea2
build: add zstd support to pack/unpack functions
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-05-31 11:03:30 +02:00
Eneas U de Queiroz
db6c1214e0 build: add option to treat recursive deps as error
Running make with RECURSIVE_DEP_IS_ERROR=1 will cause a hard failure
when a recursive dependency is detected.  This is useful to apply
stricter Ci tests, for example.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-05-20 17:03:45 +02:00
Eneas U de Queiroz
f827f947ae build: show make output in scripts/config when V=s
This should make debugging build errors in scripts/config a bit easier.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-05-20 17:03:45 +02:00
Petr Štetiar
1b2fefb244 kernel: bump 5.4 to 5.4.42
Refreshed patches, removed upstreamed patch:

 generic/pending: 001-v5.4-pinctrl-qcom-fix-wrong-write-in-update_dual_edge.patch.patch

Run tested: qemu-x86-64
Build tested: x86/64, ath79/nand, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-05-20 15:26:22 +02:00
Koen Vandeputte
eb17ee294c kernel: bump 5.4 to 5.4.41
Refreshed all patches.

Compile-tested on: imx6
Runtime-tested on: imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-14 13:33:40 +02:00
Koen Vandeputte
d503492857 kernel: bump 4.19 to 4.19.123
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-14 13:33:40 +02:00
Koen Vandeputte
0fed36dd48 kernel: bump 5.4 to 5.4.40
Refreshed all patches.

Compile-tested on: imx6
Runtime-tested on: imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-12 12:36:28 +02:00
Koen Vandeputte
7dd2d7289a kernel: bump 4.19 to 4.19.122
Refreshed all patches.

Remove upstreamed:
- 551-loop-Better-discard-support-for-block-devices.patch

Fixed:
- CVE-2020-11884
- CVE-2020-12114
- CVE-2019-3016
- CVE-2020-11669

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-12 12:36:28 +02:00
Koen Vandeputte
ef2d5a2ab4 kernel: bump 4.14 to 4.14.180
Refreshed all patches.

Fixes:
- CVE-2020-12114
- CVE-2020-11669

Compile-tested on: pistachio
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-12 12:36:28 +02:00
Petr Štetiar
d1d2c0b557 kernel: bump 5.4 to 5.4.39
Refreshed patches.

Run tested: qemu-x86-64
Build tested: x86/64, imx6, sunxi/a53, layerscape/armv7+armv8_64b

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-05-07 12:53:06 +02:00
Florian Eckert
4d86e2ce06 buildsystem: add CPE information to ipkg packages and manifest files
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.

This information already exists in some makefiles. In order for the
information to be processed further, it should also be added to the
manifest file and the control file of ipkg packages.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-05-05 22:07:59 +02:00
Petr Štetiar
73de205c57 kernel: bump 5.4 to 5.4.38
Refreshed patches.

Run tested: qemu-x86-64, apalis
Build tested: x86/64, ipq40xx, ath79, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-05-04 21:09:12 +02:00
Petr Štetiar
5ea3ea154f kernel: bump 5.4 to 5.4.36
Refreshed patches, removed upstreamed patch:

 generic/hack: 551-loop-Better-discard-support-for-block-devices.patch

Added generic config symbol `ARM64_ERRATUM_1542419` due to Fixes:
f2791551cedb ("arm64: errata: Hide CTR_EL0.DIC on systems affected by
Neoverse-N1 #1542419").

Run tested: qemu-x86-64, apalis, nbg6617
Build tested: x86/64, imx6, ipq40xx, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-30 00:52:04 +02:00
Kevin Darbyshire-Bryant
35a8657a40 build: prereq: change minimum make version to 3.82
undefine was added in make 3.82 which is now some 10 years ago, some
make scripts are beginning to use 'undefine'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-29 14:26:23 +01:00
Lucian Cristian
60712bd536 u-boot.mk: switch download to https
ftp can cause problems on some networks switch primary download location
to https and add another mirror

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2020-04-26 21:20:47 +02:00
Petr Štetiar
ef5d37ba5e kernel: bump 5.4 to 5.4.35
Refreshed one patch.

Run tested: qemu-x86-64
Build tested: x86/64, imx6, sunxi/a53, rockchip/armv8

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-25 13:22:28 +02:00
Petr Štetiar
faf668be35 kernel: bump 5.4 to 5.4.34
Refreshed patches.

Run tested: qemu-x86-64, apalis, a64-olinuxino
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-21 22:16:33 +02:00
DENG Qingfang
29a458b0ca kernel: netfilter.mk: fix kmod-ipt-nat6 installation on 5.4
xt_MASQUERADE.ko is picked up by both kmod-ipt-nat and kmod-ipt-nat6, causing
conflict
As kmod-ipt-nat6 already depends on kmod-ipt-nat, remove xt_MASQUERADE from it

Fixes: FS#2924
Fixes: 0fad8af851 ("kernel: Include xt_MASQUERADE for kernel 5.2 and later")
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-04-20 15:07:17 +02:00
Petr Štetiar
23916bca61 kernel: bump 5.4 to 5.4.33
Refreshed patches, removed upstreamed patches:

 oxnas: 001-irqchip-versatile-fpga-Handle-chained-IRQs-properly.patch
 oxnas: 002-irqchip-versatile-fpga-Apply-clear-mask-earlier.patch

Run tested: qemu-x86-64, apalis
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-17 15:18:12 +02:00
Koen Vandeputte
3c3825436e kernel: bump 4.19 to 4.19.115
Refreshed all patches.

Remove upstreamed:
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
- 184-USB-serial-option-add-Wistron-Neweb-D19Q1.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-04-16 13:23:11 +02:00
Koen Vandeputte
e31d158c4d kernel: bump 4.14 to 4.14.176
Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
- 184-USB-serial-option-add-Wistron-Neweb-D19Q1.patch

Fixes:
- CVE-2020-8648 (potentially)
- CVE-2020-8647
- CVE-2020-8649

Compile-tested on: cns3xxx, octeontx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-04-16 13:23:11 +02:00
Petr Štetiar
0bea89a1d0 kernel: bump 5.4 to 5.4.32
Refreshed patches, removed upstreamed patches:

 generic: 746-stable-net-dsa-mt7530-fix-null-pointer-dereferencing-in-por.patch

Run tested: qemu-x86-64, apalis
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-14 21:58:16 +02:00
Jo-Philipp Wich
6c16d64b2a Revert "build: add option to warn on recursive dependency"
This reverts commit 3204430e38.

Reverting this commit in preparation for reverting
dcf3e63a35 ("build: scripts/config - update to kconfig-v5.6") which
introduces various unaddressed build breakages.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-04-12 00:10:30 +02:00
Eneas U de Queiroz
3204430e38 build: add option to warn on recursive dependency
This addes the option to treat recursive dependencies as warnings
instead of errors, by running make with WARN_RECURSIVE_DEP=1.

Note that the script/config targets will not get rebuilt when you add or
remove WARN_RECURSIVE_DEP while running make.  One must run
'make config-clean' before building config with a different setting.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-09 12:51:10 +02:00
Eneas U de Queiroz
8636a17214 build: simplify building *config targets
Instead of passing pkg-config location through a variable when building
qconf (make xconfig), prepend its parent directory to the PATH, as it is
being done for other conf targets.

Use a Makefile pattern rule to group all 'scripts/config/%onf'
(currently conf, mconf, qconf) targets in a single rule.  Add -O2 to
CFLAGS when building them as well.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-09 12:51:10 +02:00
Felix Fietkau
4627b5df69 build: move symvers files to kernel build dir
The symvers files of older kernel versions are incompatible with the ones
from 5.4, so changing the kernel version without running make clean was
causing build failures in kernel module packages.
Fix this by moving the directory, ensuring that symvers files get thrown
away with a kernel version change

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-04-09 09:54:02 +02:00
Felix Fietkau
5c6fe8e850 build: fix kernel_menuconfig on macOS with newer kernel versions
Account for upstream build system changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-04-09 09:54:02 +02:00
Petr Štetiar
b299002877 kernel: bump 5.4 to 5.4.31
Refreshed patches, removed upstreamed patches:

 oxnas:   003-ARM-dts-oxnas-Fix-clear-mask-property.patch
 generic: 184-USB-serial-option-add-Wistron-Neweb-D19Q1.patch

Run tested: apu2, qemu-x86-64, apalis
Build tested: sunxi/a53, imx6, x86/64, ipq40xx

Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [apu2]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-09 00:12:46 +02:00
Kevin Darbyshire-Bryant
c14c6902f5 treewide: convert sed -r to posix -E
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-04 11:28:15 +01:00
Paul Spooren
07449f692c build: refactor JSON info files to profiles.json
JSON info files contain machine readable information of built profiles
and resulting images. These files were added in commit 881ed09ee6
("build: create JSON files containing image info").

They are useful for firmware wizards and script checking for
reproducibility.

Currently all JSON files are stored next to the built images, resulting
in up to 168 individual files for the ath79/generic target.

This patch refactors the JSON creation to store individual per image
(not per profile) files in $(BUILD_DIR)/json_info_files and create an
single overview file called `profiles.json` in the target directory.

Storing per image files and not per profile solves the problem of
parallel file writes. If a profiles sysupgrade and factory image are
finished at the same time both processes would write to the same JSON
file, resulting in randomly broken outputs.

Some target like x86/64 do not use the image code yet, resulting in
missing JSON files. If no JSON info files were created, no
`profiles.json` files is created as it would be empty anyway.

As before, this creation is enabled by default only if `BUILDBOT` is set.

Tested via buildroot & ImageBuilder on ath79/generic, imx6 and x86/64.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[json_info_files dir handling in Make, if case refactoring]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-03 12:17:45 +02:00
李国
a6b7c3e672 x86: generate EFI platform bootable images
Add EFI platform bootable images for x86 platforms. These images can
also boot from legacy BIOS platform.

EFI System Partition need to be fat12/fat16/fat32 (not need to load
filesystem drivers), so the first partition of EFI images are not ext4
filesystem any more.

GPT partition table has an alternate partition table, we did not
generate it. This may cause problems when use these images as qemu disk
(kernel can not find rootfs), we pad enough sectors will be ok.

Signed-off-by: 李国 <uxgood.org@gmail.com>
[part_magic_* refactoring, removed genisoimage checks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-31 16:20:47 +02:00
Petr Štetiar
5ecc0cfd6f kernel: bump 5.4 to 5.4.28
Changelog since 5.4.24 mentions CVE-2019-19769, CVE-2020-8648,
CVE-2020-8649 and CVE-2020-8647.

Removed upstreamed:

 generic: 507-v5.6-iio-chemical-sps30-fix-missing-triggered-buffer-depe.patch
 generic: 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
 bcm27xx: 950-0435-ASoC-pcm512x-Fix-unbalanced-regulator-enable-call-in.patch
 ipq806x: 701-stmmac-fix-notifier-registration.patch
 lantiq: 002-pinctrl-falcon-fix-syntax-error.patch
 octeontx: 0002-net-thunderx-workaround-BGX-TX-Underflow-issue.patch

Run tested: apu2, qemu-x86-64, apalis, a64-olinuxino, nbg6617
Build tested: sunxi/a53, imx6, x86/64, ipq40xx

Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [apu2]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Kevin Darbyshire-Bryant
1fb3c003d6 build: prereq: tidy gcc version checks
There is a restriction in the number of parameters(10)  that may be passed to
the SetupHostCommand macro so continually adding explicit gcc'n' version
checks ends up breaking the compiler check for the later versions and
oddballs like Darwin as was done in 835d1c68a0 which added gcc10.

Drop all the explicitly specified gcc version checks.  If a suitable gcc
compiler is not found, it may be specified at the dependency checking
stage after which that version will be symlinked into the build staging
host directory.

eg. 'CC=gccfoo CXX=g++foo make prereq'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2020-03-24 14:42:52 +00:00
Robert Marko
835d1c68a0
build: add GCC 10 version detection
Lets add GCC 10 detection to the build system as distributions like Fedora 32 have started shipping with it.
Some tools like mtd-utils need work to compile under GCC10, but that will be next step.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2020-03-23 02:12:30 +01:00
Sungbo Eo
1444e31a7b build: image: set default parameter for check-size
In most cases check-size is used with IMAGE_SIZE and vice versa. Let check-size
use IMAGE_SIZE by default.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-03-21 19:59:08 +01:00
Paul Spooren
33cc7e763b x86: use qemu-image command from image-commands.mk
The `qemu-image` command converts images to the specified type and
reduces redundant code.

Adaption from Alexander Couzens <lynxis@fe80.eu> work[0].

[0]: https://git.openwrt.org/?p=openwrt/staging/lynxis.git;a=blob;f=target/linux/x86/image/Makefile;h=83b8140b7aefbe708fd09c9c61827e7e39bda8b4;hb=416cccf398e9589e3de386e05b61b1c46cace20d#l51

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-03-21 10:36:00 +00:00
Paul Spooren
cb007a7bf6 x86: switch image generation to new code
This commit introduces few related changes which need to be done in
single commit to keep images buildable between git revisions. In result
it retains all previous image creation possibilities with slight name
change of generated images. Brief summary of the commit:

* Split up image generation recipe to smaller chunks to make it more
  generic and reusable.

* Make iso images x86 specific and drop their definition as root
  filesystem.

* Convert image creation process to generic code specified in image.mk.

* Make geode subtarget inherit features from the main target instead of
  redefining them.

* For subtargets create device definitions with basic packages set.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebased]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-03-21 10:36:00 +00:00
Sungbo Eo
90daff4cf8 build: image: move IMAGE_SIZE to image.mk
IMAGE_SIZE is widely used in many targets. Declare it in the default template to
clean up redundant code. This also prevents deriving IMAGE_SIZE unintentionally
from the previously defined device.

While at it, remove duplicate KERNEL_SIZE declaration.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-03-11 18:25:06 +01:00
Koen Vandeputte
f9f62d43e4 kernel: bump 5.4 to 5.4.24
Refreshed all patches.

Compile-tested on: imx6
Runtime-tested on: imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-03-09 20:43:53 +01:00
Koen Vandeputte
e64564920a kernel: bump 4.19 to 4.19.108
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-03-09 20:43:53 +01:00
Koen Vandeputte
d5a3536631 kernel: bump 4.14 to 4.14.172
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-03-09 20:43:53 +01:00
Kevin Darbyshire-Bryant
a5100a0bd1 build: simplify gnu-getopt search
getopt is the only command where /usr/local/bin is specified explicitly.
All other commands are assumed to exist in the PATH in one form or
another.  Remove this exception and require gnugetopt/getopt to be in
the user's PATH.

In the case of macos Homebrew, getopt is 'keg only' hence not linked
into /usr/local/bin whilst other commands are linked and likely found by
virtue of /usr/local/bin being in PATH.

Since 2019 Homebrew is very reluctant to install links that have
potential to override default OS behaviour, eg: following instructions
on our current 'how to build on macos' wiki page:

$ brew ln gnu-getopt --force
Warning: Refusing to link macOS-provided software: gnu-getopt
If you need to have gnu-getopt first in your PATH run:
  echo 'export PATH="/usr/local/opt/gnu-getopt/bin:$PATH"' >> ~/.zshrc

A better option for macos is to link getopt as 'gnugetopt' in
/usr/local/bin, thus the build system will find 'gnugetopt' but other
applications looking for just 'getopt' will find the original macos
binary.

Ultimately it makes sense that 'GNU' dependencies are placed in
/usr/local/bin and /usr/local/bin is included in the user's PATH.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-02 11:42:31 +00:00
Jeffery To
dddcff2550 build: Remove STAGING_DIR_HOST references for InstallDev/UninstallDev
Build/InstallDev no longer places a file list in
$(STAGING_DIR_HOST)/packages; this change removes the creation of
$(STAGING_DIR_HOST)/packages and the attempted removal of a
STAGING_DIR_HOST file list during package clean.

This also changes the host directory passed to Build/UninstallDev from
$(STAGING_DIR_HOST) to $(STAGING_DIR)/host, to match the directory
passed to Build/InstallDev.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2020-03-01 21:35:59 +01:00
Kevin Darbyshire-Bryant
4d87963381 build: add xargs as prerequisite
Build system needs an 'xargs' that supports '-r' which darwin doesn't.
Homebrew installs a 'gxargs' with the findutils package so look for
'gxargs' as well as 'xargs'

This is a bit of a 'fun' corner case anyway. xargs is only required by
the build if 'CONFIG_AUTOREMOVE' is set and after the build system has
built 'tools/findutils' we have a fully working xargs for host anyway.
Until that time we have to rely on the host's xargs implementation.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-02-29 20:55:37 +00:00
Koen Vandeputte
0fad8af851 kernel: Include xt_MASQUERADE for kernel 5.2 and later
Instead of ip6t_MASQUERADE, include xt_MASQUERADE on kernel >= 5.2.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-28 17:50:46 +01:00
Koen Vandeputte
4e0c54bc5b kernel: add support for kernel 5.4
The following patches were removed because they are integrated in the upstream kernel 5.4:
 * backport-5.4/047-v4.21-mtd-keep-original-flags-for-every-struct-mtd_info.patch
 * backport-5.4/048-v4.21-mtd-improve-calculating-partition-boundaries-when-ch.patch
 * backport-5.4/080-v5.1-0001-bcma-keep-a-direct-pointer-to-the-struct-device.patch
 * backport-5.4/080-v5.1-0002-bcma-use-dev_-printing-functions.patch
 * backport-5.4/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch
 * backport-5.4/101-arm-cns3xxx-use-actual-size-reads-for-PCIe.patch
 * backport-5.4/200-v5.2-usb-dwc2-Set-lpm-mode-parameters-depend-on-HW-configuration.patch
 * backport-5.4/210-arm64-sve-Disentangle-uapi-asm-ptrace.h-from-uapi-as.patch
 * backport-5.4/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch
 * backport-5.4/450-v5.0-mtd-spinand-winbond-Add-support-for-W25N01GV.patch
 * backport-5.4/451-v5.0-mtd-spinand-Add-initial-support-for-Toshiba-TC58CVG2.patch
 * backport-5.4/452-v5.0-mtd-spinand-add-support-for-GigaDevice-GD5FxGQ4xA.patch
 * backport-5.4/455-v5.1-mtd-spinand-Add-support-for-all-Toshiba-Memory-produ.patch
 * backport-5.4/456-v5.1-mtd-spinand-Add-support-for-GigaDevice-GD5F1GQ4UExxG.patch
 * backport-5.4/460-v5.0-mtd-spi-nor-Add-support-for-mx25u12835f.patch
 * backport-5.4/460-v5.3-mtd-spinand-Define-macros-for-page-read-ops-with-thr.patch
 * backport-5.4/461-v5.3-mtd-spinand-Add-support-for-two-byte-device-IDs.patch
 * backport-5.4/462-v5.3-mtd-spinand-Add-support-for-GigaDevice-GD5F1GQ4UFxxG.patch
 * backport-5.4/463-v5.3-mtd-spinand-Add-initial-support-for-Paragon-PN26G0xA.patch
 * backport-5.4/700-v5.1-net-phylink-only-call-mac_config-during-resolve-when.patch
 * backport-5.4/701-v5.2-net-phylink-ensure-inband-AN-works-correctly.patch
 * backport-5.4/702-v4.20-net-ethernet-Add-helper-for-MACs-which-support-asym-.patch
 * backport-5.4/703-v4.20-net-ethernet-Add-helper-for-set_pauseparam-for-Asym-.patch
 * backport-5.4/704-v4.20-net-phy-Stop-with-excessive-soft-reset.patch
 * backport-5.4/705-v5.1-net-phy-provide-full-set-of-accessor-functions-to-MM.patch
 * backport-5.4/706-v5.1-net-phy-add-register-modifying-helpers-returning-1-o.patch
 * backport-5.4/707-v5.1-net-phy-add-genphy_c45_check_and_restart_aneg.patch
 * backport-5.4/708-v5.3-net-phylink-remove-netdev-from-phylink-mii-ioctl-emu.patch
 * backport-5.4/709-v5.3-net-phylink-support-for-link-gpio-interrupt.patch
 * backport-5.4/710-v5.3-net-phy-allow-Clause-45-access-via-mii-ioctl.patch
 * backport-5.4/711-v5.3-net-sfp-add-mandatory-attach-detach-methods-for-sfp-.patch
 * backport-5.4/712-v5.3-net-sfp-remove-sfp-bus-use-of-netdevs.patch
 * backport-5.4/713-v5.2-net-phylink-avoid-reducing-support-mask.patch
 * backport-5.4/714-v5.3-net-sfp-Stop-SFP-polling-and-interrupt-handling-duri.patch
 * backport-5.4/715-v5.3-net-phylink-don-t-start-and-stop-SGMII-PHYs-in-SFP-m.patch
 * backport-5.4/740-v5.5-net-phy-avoid-matching-all-ones-clause-45-PHY-IDs.patch
 * backport-5.4/741-v5.5-net-phylink-fix-link-mode-modification-in-PHY-mode.patch
 * pending-5.4/103-MIPS-perf-ath79-Fix-perfcount-IRQ-assignment.patch
 * pending-5.4/131-spi-use-gpio_set_value_cansleep-for-setting-chipsele.patch
 * pending-5.4/132-spi-spi-gpio-fix-crash-when-num-chipselects-is-0.patch
 * pending-5.4/220-optimize_inlining.patch
 * pending-5.4/341-MIPS-mm-remove-no-op-dma_map_ops-where-possible.patch
 * pending-5.4/475-mtd-spi-nor-Add-Winbond-w25q128jv-support.patch
 * pending-5.4/477-mtd-add-spi-nor-add-mx25u3235f.patch
 * pending-5.4/479-mtd-spi-nor-add-eon-en25qh64.patch

Some bigger changes were done to this feature and we did not port this patch yet:
 * hack-5.4/207-disable-modorder.patch

This depends on BOOTMEM which was removed from the kernel, this needs some bigger changes:
 * hack-5.4/930-crashlog.patch

A different version of the FPU disable patch was merged upstream, OpenWrt needs some adaptations.
 * pending-5.4/304-mips_disable_fpu.patch

- no crashlog support yet as a required file got deleted upstream
- Removed patch below, which is now seen as a recursive dependency [1]
- Removed patch below due to build error [2]
- fix still required to avoid identical function def [3]
- Fixes included from Blocktrron
- Fixes included from Chunkeey
- Fix included from nbd regarding "dst leak in Flow Offload"

[1] target/linux/generic/hack-5.4/260-crypto_test_dependencies.patch
[2] target/linux/generic/hack-5.4/207-disable-modorder.patch
[3] target/linux/generic/pending-5.4/613-netfilter_optional_tcp_window_check.patch

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:45 +01:00
Koen Vandeputte
7ae2523323 kernel: bump 4.19 to 4.19.106
Refreshed all patches.

Remove upstreamed:
- 950-0786-leds-pca963x-Fix-open-drain-initialization.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 19:11:36 +01:00
Koen Vandeputte
b6c9d2bab0 kernel: bump 4.19 to 4.19.105
Refreshed all patches.

Fixes:
- CVE-2013-1798
- CVE-2019-3016

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 14:19:16 +01:00
Koen Vandeputte
f4bea1b6a3 kernel: bump 4.14 to 4.14.171
Refreshed all patches.

Fixes:
- CVE-2013-1798

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 14:18:59 +01:00
Paul Spooren
73f3ad1df2 build: fix empty SUBTARGET in json files
Some targets like kirkwood or omap don't use a subtarget which results
in a malformed JSON info file.

Instead of having a valid value like `"target": "ath79/tiny"` for these
targets the value is `"target": "kirkwood/"`.

This patch uses the same if condition to use `generic` if the subtarget
is empty.

Tested for the kirkwood target.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-02-13 17:45:46 +01:00
Koen Vandeputte
20b5a4ca01 kernel: bump 4.19 to 4.19.101
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Remove upstreamed:
- 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch
- 950-0202-staging-bcm2835-camera-fix-module-autoloading.patch
- 001-4.22-01-MIPS-BCM63XX-drop-unused-and-broken-DSP-platform-dev.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:10:13 +01:00
Koen Vandeputte
1b310cff0f kernel: bump 4.14 to 4.14.169
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Remove upstreamed:
- 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch
- 001-4.22-01-MIPS-BCM63XX-drop-unused-and-broken-DSP-platform-dev.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:10:13 +01:00
Hauke Mehrtens
eec50c73c4 build: Add KBUILD_HOSTLDLIBS
In Linux kernel commit 8377bd2b9ee1 ("kbuild: Rename HOST_LOADLIBES to
KBUILD_HOSTLDLIBS") HOST_LOADLIBES was renamed to KBUILD_HOSTLDLIBS.
This patch adapts the OpenWrt kernel build to this new variable. Without
this change the kernel host tools would not link against the libraries
found in the staging directory.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2020-01-26 19:20:08 +01:00
Koen Vandeputte
40842167d2 kernel: bump 4.19 to 4.19.98
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-24 13:14:33 +01:00
Koen Vandeputte
76254cb75e kernel: bump 4.14 to 4.14.167
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-24 13:14:33 +01:00
Koen Vandeputte
7adb0f9810 kernel: bump 4.19 to 4.19.97
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
ac050025a5 kernel: bump 4.14 to 4.14.166
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
6cc7498daa kernel: bump 4.19 to 4.19.96
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
2b4654f74f kernel: bump 4.14 to 4.14.165
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
692b91f56b kernel: bump 4.19 to 4.19.95
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Koen Vandeputte
b5480de4d1 kernel: bump 4.14 to 4.14.164
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Sungbo Eo
c26b687e31 kernel: remove further obsolete kernel version switches
Most of the kernel version switches below 4.14 were removed in commit
97940f8766 ("kernel: remove obsolete kernel version switches"),
but some of them still remained. Remove them now.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-01-18 19:39:05 +01:00
Jeff Kletsky
f0b76d02e8 build: define check-kernel-size to remove unflashable images
Certain boards have limitations on U-Boot that prevent flashing
of images where the kernel size exceeds a threshold, yet
sysupgrade can sucessfully manage larger kernels. The current
check-size will remove the target artifact if its total size
exceeds the threshold. If applied after append-kernel,
it will remove the kernel, but the remaining image-assembly
steps will continue, resulting in an image without a kernel
that is likely unbootable.

By defining check-kernel-size, it is now possible to prevent release
of such unbootable images through a construct similar to:

  IMAGE/factory.img := append-kernel | pad-to $$$$(GL_UBOOT_UBI_OFFSET) | \
    append-ubi | check-kernel-size $$$$(GL_UBOOT_UBI_OFFSET)

Cc: Chuanhong Guo <gch981213@gmail.com>

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2020-01-15 20:05:48 +01:00
Xu Wang
44304c1d67 base-files: fix build for /sbin/pkg_check
Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be
included with the packages to check for corruption. This commit fixes two
issues:
- /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y
- checksums were being saved in the wrong file

Signed-off-by: Xu Wang <xwang1498@gmx.com>
2020-01-14 17:52:34 +01:00
Jo-Philipp Wich
0e05093b12 netfilter: package required kmods for nftables
Package new kmods "nf_tables_set" and "nft_objref" which got introduced
with kernel 4.18 and restrict the old "nft_set_rbtree" and "nft_set_hash"
modules to sub-4.18 versions.

Also reorder the nftables related netfilter.mk entries alphabetically
while touching this code section.

Fixes: FS#2699
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2699#comment7450
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-14 16:58:43 +01:00
Hauke Mehrtens
19cbac7d26 buildsystem: Make PIE ASLR option tristate
This tristate choose allows to select to build only some applications
with PIE enabled. On MIPS binaries are getting about 30% bigger when PIE
is activated for the, which is a huge increase.

Network exposed applications like dnsmasq should then be build with PIE
enabled, but some applications which are normally not parsing data from
the network do not have it activated. The regular option should give a
good trade off between extra flash and RAM memory usage and security.

This changes the default from building no applications with PIE to build
some specifically marked applications with PIE enabled. This option is
only activated for targets with bigger flash and RAM to not consume
extra memory on the very small targets. On SDK builds the Regular option
should always be selected, because some tiny targets share the
applications with big targets and only the images for the tiny targets
should contain the none PIE applications, but the images for the normal
targets should use PIE. The shared packages should always use PIE when
it should be normally activated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
David Bauer
8b86ddf4d5 netfilter: add back nft_hash
nft_hash hash falsely removed in commit 97940f8766
("kernel: remove obsolete kernel version switches").

Add the module back, as otherwise the build fails.

Fixes: 97940f8766 ("kernel: remove obsolete kernel version switches")

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-01-12 18:59:07 +01:00
Adrian Schmutzler
97940f8766 kernel: remove obsolete kernel version switches
After kernel 4.9 has been removed, this removes all (now obsolete)
kernel version switches that deal with versions before 4.14.

Package kmod-crypto-iv is empty now and thus removed entirely.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-12 16:34:20 +01:00
Adrian Schmutzler
57a9633a2c kernel: remove support for kernel 4.9
No target uses kernel 4.9 anymore.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-08 16:45:08 +01:00
Adrian Schmutzler
9b0e8d0aa4 treewide: move mktplinkfw to tplink-v1-image in image-commands.mk
This move the slightly different target-specific implementations of
mktplinkfw from the targets to include/image-commands.mk and renames
it to tplink-v1-image. Having a common version will increase
consistency between implementation and will complete the
tplink build command already present in the new location.

Due to the slight differences of the original implementations, this
also does some adjustments to the device build commands/variables.

This also moves rootfs_align as this is required as dependency.

Tested on:
- TL-WDR4300 v1 (ath79, factory)
- TL-WDR4900 v1 (mpc85xx, sysupgrade)
- RE210 v1 (ramips, see Tested-by)

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Christoph Krapp <achterin@googlemail.com>
2020-01-08 16:15:29 +01:00
Hauke Mehrtens
fba8083540 kernel: bump 4.9 to 4.9.208
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:48:02 +01:00
Hauke Mehrtens
b6cdc042af kernel: bump 4.19 to 4.19.93
Refreshed all patches.

The patch hack-4.19/550-loop-better-discard-for-block-devices.patch was
replaced with an new version of the patch from:
https://lore.kernel.org/patchwork/patch/1153625/
https://lore.kernel.org/patchwork/patch/1153626/

Compile-tested on: ipq40xx, lantiq
Runtime-tested on: ipq40xx, lantiq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:43:36 +01:00
Hauke Mehrtens
1bb90a28e4 kernel: bump 4.14 to 4.14.162
Refreshed all patches.

Compile-tested on: ramips
Runtime-tested on: ramips

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:43:33 +01:00
Hauke Mehrtens
9a417fbd0d kernel: bump 4.14 to 4.14.161
Refreshed all patches.

Compile-tested on: ipq40xx, ramips
Runtime-tested on: ipq40xx

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-04 00:45:58 +01:00
Hauke Mehrtens
47a93a810f kernel: bump 4.9 to 4.9.207
Refreshed all patches.

Compile-tested on: ar7
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 18:04:32 +01:00
Hauke Mehrtens
25b422a041 kernel: bump 4.14 to 4.14.160
Refreshed all patches.

Compile-tested on: ipq40xx, apm821xx
Runtime-tested on: ipq40xx

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 17:45:54 +01:00
Hauke Mehrtens
f0df0d6a14 kernel: bump 4.19 to 4.19.91
Refreshed all patches.

Compile-tested on: ipq40xx, apm821xx
Runtime-tested on: ipq40xx

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 17:45:33 +01:00
Koen Vandeputte
e115fa478f kernel: bump 4.19 to 4.19.90
Refreshed all patches.

Remove upstreamed:
- 010-dmaengine-dw-dmac-implement-dma-prot.patch
- 950-0148-Increase-firmware-call-buffer-size-to-48-bytes.patch
- 950-0206-Mailbox-firmware-calls-now-use-kmalloc-2749.patch
- 402-leds-trigger-netdev-fix-handling-on-interface-rename.patch

Fixes:
- CVE-2019-19332

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Add 010-dt-bindings-dmaengine-dw-dmac-add-protection-control.patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 15:34:43 +01:00
Koen Vandeputte
7604e53d5f kernel: bump 4.14 to 4.14.159
Refreshed all patches.

Remove upstreamed:
- 302-0002-dmaengine-dw-implement-per-channel-protection-contro.patch

Fixes:
- CVE-2019-19332

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-24 01:22:45 +01:00
Rosen Penev
383abffb11 cmake: Install host packages to lib instead of lib64
Several CMake packages such as log4cplus and protobuf(-c) install to
lib64 instead of lib on some hosts. This completely breaks rpath linking.
Override it globally to avoid fixing each package individually.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
2019-12-23 00:22:07 +01:00
Rosen Penev
856ea2bad3 libcxx: Add package
Currently in OpenWrt, there are two libc++: libstdcpp and uClibc++. The
former is huge and the latter supports only C++98 with some basic support
for C++11. Those C++ versions seem to be specific to the compiler version

libcxx supports C++11 and above while being much smaller than libstdcpp.
On mt7621, these are the sizes of the ipks that I get:

libstdcpp: 460786
libcxx: 182881
uClibc++:67720

libcxx is faster than uClibc++ and is under active development as part of
the LLVM project while uClibc++ is effectively dead.

This PR modifies uclibc++.mk to expose the make menuconfig option. Further
cleanup is beyond the scope of this PR. What that means is, this is not
used by default.

A g++-libcxx wrapper based on the uClibc++ one was added. Works the same
way.

Compile tested with all packages that use uclibc++.mk in their Makefiles
under mipsel_24kc. kismet fails compilation but that package needs to be
cleaned up and updated.

Runtime tested with gddrescue, gdisk, dcwapd, bonnie++, and aircrack-ng
on a TP-Link Archer C7v2.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-12-23 00:22:07 +01:00
Adrian Schmutzler
bc3783d221 build: image: add SOC device variable
This creates the device variable SOC and adds it to DEFAULT_DEVICE_VARS.

It is supposed to replace target-specific SOC variables like ATH_SOC or
MTK_SOC and thus unify variable names across targets.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-20 01:07:25 +01:00
Koen Vandeputte
88ca372b5a kernel: bump 4.19 to 4.19.88
Refreshed all patches.

Remove upstreamed:
- 0004-boot-sq201-from-sda1.patch
- 500-v4.20-ubifs-Fix-default-compression-selection-in-ubifs.patch
- 0003-usb-dwc2-use-a-longer-core-rest-timeout-in-dwc2_core.patch

Altered patches:
- 0011-ARM-dts-Fix-up-SQ201-flash-access.patch
- 400-mtd-add-rootfs-split-support.patch
- 0101-pci-mediatek-backport-fix-pcie.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-10 09:50:42 +01:00
Koen Vandeputte
d395583d69 kernel: bump 4.14 to 4.14.158
Refreshed all patches.

Altered patches:
- 400-mtd-add-rootfs-split-support.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-10 09:50:42 +01:00
Koen Vandeputte
a9b9592196 kernel: bump 4.9 to 4.9.206
Refreshed all patches.

Altered patches:
- 400-mtd-add-rootfs-split-support.patch

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-10 09:50:42 +01:00
Koen Vandeputte
7c76565d4c kernel: bump 4.9 to 4.9.205
Refreshed all patches.

Fixes:
- CVE-2019-18660

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-29 17:05:38 +01:00
Koen Vandeputte
f19e471f32 kernel: bump 4.19 to 4.19.86
Refreshed all patches.

Altered patches:
- 950-0064-mfd-Add-Raspberry-Pi-Sense-HAT-core-driver.patch
- 0005-mtd-physmap_of-Move-custom-initialization.patch

Remove upstreamed:
- 0001-pinctrl-gemini-Mask-and-set-properly.patch
- 0002-pinctrl-gemini-Fix-up-TVC-clock-group.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-29 09:59:49 +01:00
Koen Vandeputte
414b7c107a kernel: bump 4.14 to 4.14.156
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-29 09:59:49 +01:00
Petr Štetiar
74acc160a9 kernel-build: ignore runtime config options during reconfig
Don't put CC_HAS_ASM_GOTO, IS_GCC, IS_CLANG and GCC_VERSION runtime
config options into the kernel configs during reconfiguration as it
makes no sense, since these options should be set at runtime.

Fixes: FS#2588
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-24 14:19:43 +01:00
Kamil Wcislo
09c428ec6b
build: add PKG_SOURCE_URL_FILE support
It seems that there is a missing PKG_SOURCE_URL_FILE support.
This little fix adds the support for packages to change the name of the
downloaded file.

Sometimes it is desirable to change the downloaded archive file name, like
for mitigating name conflicts for different packages (some files on the server
could be named like, e.g. 2018-01-01.tar.gz) or for the cases that there is
no name for the file in the URL (e.g. http://someserver.com/download).

Signed-off-by: Kamil Wcislo <kamil.wcislo@lpnplant.io>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2019-11-23 13:35:43 +01:00
Koen Vandeputte
e29500eb84 kernel: bump 4.19 to 4.19.85
Refreshed all patches.

Altered patches:
- 080-sata_support.patch

Remove upstreamed:
- 034-v4.20-MIPS-BCM47XX-Enable-USB-power-on-Netgear-WNDR3400v3.patch
- 001-4.21-01-BCM63XX-fix-switch-core-reset-on-BCM6368.patch
- 073-qcom-ipq4019-fix-cpu0-s-qcom-saw2-reg-value.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-22 16:56:46 +01:00
Koen Vandeputte
db9e9e8382 kernel: bump 4.14 to 4.14.155
Refreshed all patches.

Altered patches:
- 707-dpaa-ethernet-support-layerscape.patch

Remove upstreamed:
- 034-v4.20-MIPS-BCM47XX-Enable-USB-power-on-Netgear-WNDR3400v3.patch
- 001-4.21-01-BCM63XX-fix-switch-core-reset-on-BCM6368.patch
- 073-qcom-ipq4019-fix-cpu0-s-qcom-saw2-reg-value.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-22 16:56:46 +01:00
Koen Vandeputte
7533087565 kernel: bump 4.19 to 4.19.84
Refreshed all patches.

Altered patches:
- 950-0748-net-bcmgenet-Workaround-for-Pi-4B-network-issue.patch
- 950-0754-Revert-net-bcmgenet-Workaround-for-Pi-4B-network-iss.patch
- 902-debloat_proc.patch

Remove upstreamed:
- 150-MIPS-bmips-mark-exception-vectors-as-char-arrays.patch

New symbols:
X86_INTEL_MPX
X86_INTEL_MEMORY_PROTECTION_KEYS
X86_INTEL_TSX_MODE_OFF
X86_INTEL_TSX_MODE_ON
X86_INTEL_TSX_MODE_AUTO

Compile-tested on: cns3xxx, x86_64
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 14:59:03 +01:00
Koen Vandeputte
d6aea46a50 kernel: bump 4.14 to 4.14.154
Refreshed all patches.

Altered patches:
- 902-debloat_proc.patch
- 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch
- 807-usb-support-layerscape.patch
- 809-flexcan-support-layerscape.patch
- 816-pcie-support-layerscape.patch

Remove upstreamed:
- 150-MIPS-bmips-mark-exception-vectors-as-char-arrays.patch
- 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch

New symbols:
X86_INTEL_MPX
X86_INTEL_MEMORY_PROTECTION_KEYS
X86_INTEL_TSX_MODE_OFF
X86_INTEL_TSX_MODE_ON
X86_INTEL_TSX_MODE_AUTO
SGL_ALLOC

Compile-tested on: cns3xxx, x86_64
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 14:59:03 +01:00
Koen Vandeputte
d2ee922051 kernel: bump 4.9 to 4.9.202
Refreshed all patches.

Altered patches:
- 902-debloat_proc.patch

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 14:59:03 +01:00
Thomas Weißschuh
2066ee09d9 build: prereq: add support for Python 3.8
Add support for Python 3.8 which was released Oct. 14, 2019.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
[added missing commit description, simplified version check]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Petr Štetiar
c001ace8bd build: prereq: simplify Python 3 version checks
We don't need to check if python3.5 binary is actually Python 3.5+.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Petr Štetiar
f962e021d4 kernel-build: fix kernel_menuconfig breakage by forcing YACC
Commit 965f341aa9 ("build: fix host menu config targets using
ncurses") has moved host's path with pkg-config (usually /usr/bin) at
the first place in PATH variable, which is now causing issues with bison
as BISON_PKGDATADIR points into STAGING_DIR_HOST, but the actual bison
used is the one under host PATH (usually /usr/bin/bison), leading to the
following strange failures:

 $ make target/linux/clean kernel_menuconfig V=sc

 export MAKEFLAGS= ;make -C /somewhere/linux-4.19.81 menuconfig
 make -f ./scripts/Makefile.build obj=scripts/kconfig menuconfig
  ...
  bison -oscripts/kconfig/zconf.tab.c -t -l scripts/kconfig/zconf.y
  staging_dir/host/bin/m4: cannot open `staging_dir/host/share/bison/bison.m4': No such file or directory
  staging_dir/host/bin/m4: cannot open `staging_dir/host/share/bison/c-skel.m4': No such file or directory
  ...
  gcc -Wp,-MD,scripts/kconfig/.zconf.tab.o.d <...snip...> -o scripts/kconfig/zconf.tab.o scripts/kconfig/zconf.tab.c
  gcc: error: scripts/kconfig/zconf.tab.c: No such file or directory
  gcc: fatal error: no input files

Fix this by forcing usage of bison under STAGING_DIR_HOST/bin via YACC
make variable.

Cc: Thomas Albers <thomas.gameiro@gmail.com>
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Cc: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Ivan Revyakin <LovingFox@GMail.com>
Tested-by: Thomas Albers <thomas.gameiro@googlemail.com>
Ref: https://forum.openwrt.org/t/bpi-r64-kernel-4-19-kernel-menuconfig-error
Fixes: 965f341aa9 ("build: fix host menu config targets using ncurses")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Kevin Darbyshire-Bryant
dfd8c45a98 build: image: posix compatibility cut v head
Replace 2 instances of non posix use of 'head' with posix compliant
'cut'.

'head -c n' cuts 'n' bytes from the passed string and happens to work on
Linux & Mac OS X even though '-c' is not posix.

'head --bytes n' does the same thing and happens to work on linux but
not on Mac OS X and is also not posix.

'cut -b1-8' cuts the first 8 bytes from the passed string and is posix
compliant, hence works on Linux & Mac OS X.

Our usage of 'head --bytes' was particularly unfortunate since it was
used to calculated the RootFS UUID passed to grub - the net result being
a non-functioning system waiting for the root file system to appear.

Thanks to karlp, ynezz & others for pointers on solving this.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-11-12 15:43:14 +00:00
Koen Vandeputte
6589de9af7 kernel: bump 4.19 to 4.19.82
Refreshed all patches.

Remove upstreamed:
- 950-0295-sc16is7xx-Fix-for-Unexpected-interrupt-8.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-12 10:15:01 +01:00
Koen Vandeputte
ecfe552f99 kernel: bump 4.14 to 4.14.152
Refreshed all patches.

Altered patches:
- 301-arch-support-layerscape.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-12 10:15:01 +01:00
Koen Vandeputte
015fefa8e7 kernel: bump 4.9 to 4.9.199
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-12 10:15:01 +01:00
Paul Spooren
98d1c7d834 build: image: add common and reproducible IMG_PART_SIGNATURE variable
x86, mvebu and tegra targets are currently using more or less same
SIGNATURE variable which provides unique partition ID/signature, so it
makes sense to refactor it out into common variable which could be
reused by all targets.  While at it, make the content of the variable
reproducible.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-March/016148.html
Signed-off-by: Paul Spooren <mail@aparcar.org>
Suggested-by: Jo-Philipp Wich <jo@mein.io>
[renamed to IMG_PARTSIGNATURE, reworked with epoch+vermagic hash]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-11 16:37:13 +01:00
Petr Štetiar
0fb23d67f0 build: image: fix build breakage of some images
Commit 881ed09ee6 ("build: create JSON files containing image info")
has removed the crucial empty new line from the image copy step
resulting in the following errors during make function expansion:

 GZ_SUFFIX :=
 bash: GZ_SUFFIX: command not found
 Makefile:86: recipe for target 'openwrt-ath79-generic-tplink_archer-c7-v5-squashfs-sysupgrade.bin' failed

Fixes: 881ed09ee6 ("build: create JSON files containing image info")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-08 11:02:18 +01:00
Yousong Zhou
66ebca7103 build: label kernel and rootfs ext4 volumes
UUID of ext4 volumes generated by make_ext4fs are determined by volume
label and it will all be 57f8f4bc-abf4-655f-bf67-946fc0f9f25b when label
is empty

Labeling them does not make them unique but tools like block command
from fstools have a better chance differentiating them

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-03 04:25:40 +00:00
Koen Vandeputte
df60a0852c kernel: bump 4.19 to 4.19.81
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-31 09:17:14 +01:00
Koen Vandeputte
0e212220e9 kernel: bump 4.14 to 4.14.151
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-31 09:17:14 +01:00
Koen Vandeputte
b314d14297 kernel: bump 4.9 to 4.9.198
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-31 09:17:13 +01:00
Koen Vandeputte
4b2ab533d4 kernel: bump 4.19 to 4.19.80
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:16:25 +01:00
Koen Vandeputte
0787b7247f kernel: bump 4.14 to 4.14.150
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:16:25 +01:00
Koen Vandeputte
8390dde3f8 kernel: bump 4.9 to 4.9.197
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:16:25 +01:00
Rafał Miłecki
d22c1755fc netfilter: fix NAT packaging with kernels 5.2+
It's related to the upstream kernel commit adf82accc5f5 ("netfilter:
x_tables: merge ip and ipv6 masquerade modules").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-10-28 08:40:02 +01:00
Sven Roederer
b81cee86e6 build: have scripts/feeds honor all toplevel .mk-files of a feed
The luci and freifunk feed having a common Makefile included by the
individual packages. Currently a change to this file will be ignored
when running "scripts/feeds update".
When we are updating for a feed, add a dependency for all .mk files
in the root of it.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
2019-10-27 14:32:13 +01:00
John Crispin
f4aaee01fa Revert "build: separate signing logic"
This reverts commit 4a45e69d19.

This broke the buildbots

Signed-off-by: John Crispin <john@phrozen.org>
2019-10-21 16:26:24 +02:00
Andre Heider
02330a6556 build: call Host/Uninstall before wiping the host build dir
Uninstall targets may depend on build artefacts, like `make uninstall`
or `ninja uninstall`.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-10-21 14:18:17 +02:00
Paul Spooren
4a45e69d19 build: separate signing logic
This separates the options for signature creation and verification

* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys

Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-21 14:06:42 +02:00
Michal Cieslakiewicz
f46a4a9293 image: add magic number option for append-uImage-fakehdr
'append-uImage-fakehdr' can now accept magic number as a second, optional
parameter (passed directly to 'mkimage' command with '-M' option). This
enables construction of proper Netgear-specific fake rootfs images
(required for flashing WNDR4300 for example).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-10-21 13:27:12 +02:00